Slashdot Mirror


Ambidextrous Linux/Windows Virus

Lam1969 writes "Kaspersky Labs has reported a new proof-of-concept virus that can infect both Windows and Linux systems. It's called Virus.Linux.Bi.a/Virus.Win32.Bi.a and affects ELF binaries and .exe's from Windows. SANS has a brief item on the cross-platform virus as well, but no information about a patch or signature yet."

9 of 361 comments

  1. Does this mean.... by da · · Score: 5, Funny

    ... linux is ready for the desktop? [ducks]

    --
    I reserve the right to be wrong.
  2. Re:Not to worry by GrumblyStuff · · Score: 5, Funny

    Windows users are prepared for viruses...

    What bizarro Earth are you from?

  3. Re:How is it POC? by EndlessNameless · · Score: 5, Informative

    It seems that the reason it's considered a POC at this point is because it has no real payload. All it does is spread, and not nearly as heinously as Blaster/Welchia/Sasser.

    As soon as it gets backdoor or downloader functionality... then it becomes a more serious threat. And really you, me, and the guys at Secunia/SARC/SANS/ISC/etc all know that's where this is headed.

    So yes... in the sense of where this particular piece of malware is headed, this is a proof-of-concept. It's a live test of the propagation mechanism. The payload will be dropped into place soon... probably in the next version since this one looks like it's working fine.

    --

    ---
    According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
  4. Re:Not to worry by Rosco P. Coltrane · · Score: 5, Informative

    Windows users are prepared for viruses and the reason Linux users do not sweat them much is not because linux viruses do not exist; it is because system design makes their impact minimal.

    Actually, you're quite wrong. Linux flaws have existed and are still found today that can be (and have been) taken advantage of. The reason Linux users don't sweat is because flaws are spotted quickly by many people who read the code, and fixed quickly too. That and people who code open-source tend to produce good code, as a matter of pride.

    Oh and by the way, Windows has a "safe" (well, safer) operating mode in the form of a user account, but nobody uses it because it's a PITA, so everybody stays in supervisor mode and bad things happen.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  5. Took long enough... by Eric Damron · · Score: 5, Funny

    Well it's about time! Finally inter-platform operability.

    --
    The race isn't always to the swift... but that's the way to bet!
  6. Symantec by rmsmith · · Score: 5, Interesting

    I find it interesting that this 'virus' appears shortly after Symantec reportedly gets cushy with the Linux press

  7. Re:How is it distributed? by adnonsense · · Score: 5, Funny

    I have reverse-engineered the virus and discovered an insidious distribution mechanism:

    root# wget http://warez.example.com/Virus.Linux.Bi.a.tgz
    root# tar xzf Virus.Linux.Bi.a.tgz
    root# cd Virus.Linux.Bi.a
    root# ./configure --prefix=/usr/local/virii --with-natalie-portman=hot-grits --with-beowulf-cluster=yes
    root# make && make install
    root# PATH=$PATH:/usr/local/virii/bin
    root# rehash
    root# pwn3d &
  8. Re:I'll beat you to it.. by zpeterz63 · · Score: 5, Funny

    I'm not so sure...it could go either way.

  9. Linux Infection Instructions by rossz · · Score: 5, Funny

    To infect your Linux box with Virus.Linux.Bi.a, please follow these instructions.

    1. If gcc is not installed, install it.
    2. Unpack the archive: tar xvzf Virus.Linux.Bi.a.tar.gz
    3. Switch to the directory: cd Virus.Linux.Bi.a
    4. ./configure
    5. make
    6. su root
    7. make install

    Enjoy

    --
    -- Will program for bandwidth